diff options
| author | Jonas Smedegaard <dr@jones.dk> | 2020-02-13 13:54:00 +0100 |
|---|---|---|
| committer | Jonas Smedegaard <dr@jones.dk> | 2020-02-13 13:54:11 +0100 |
| commit | 0b6ded513adda502b62561dd7d403e9ff477de4b (patch) | |
| tree | 658109c329e38506c6c8939710902f1a7c8d4aa7 | |
| parent | b37303b3cc2e60cafd250f3eee24e648927b6a2d (diff) | |
add apache2 config-available ssl snippet
| -rw-r--r-- | apache2/conf-available/local-ssl.conf | 25 |
1 files changed, 25 insertions, 0 deletions
diff --git a/apache2/conf-available/local-ssl.conf b/apache2/conf-available/local-ssl.conf new file mode 100644 index 0000000..ae0d6fa --- /dev/null +++ b/apache2/conf-available/local-ssl.conf @@ -0,0 +1,25 @@ +SSLEngine on +#SSLCertificateFile /etc/ssl/certs/apache2.pem +#SSLCertificateKeyFile /etc/ssl/private/apache2.pem +SSLCACertificatePath /etc/ssl/certs/ +#SSLCARevocationPath /etc/apache2/ssl.crl/ +#SSLCARevocationFile /etc/apache2/ssl.crl/ca-bundle.crl + +#SSLVerifyClient require +#SSLVerifyDepth 10 + +#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire +<FilesMatch "\.(cgi|shtml|phtml|php)$"> + SSLOptions +StdEnvVars +</FilesMatch> +<Directory /usr/lib/cgi-bin> + SSLOptions +StdEnvVars +</Directory> + +BrowserMatch "MSIE [2-6]" \ + nokeepalive ssl-unclean-shutdown \ + downgrade-1.0 force-response-1.0 +# MSIE 7 and newer should be able to use keepalive +BrowserMatch "MSIE [17-9]" ssl-unclean-shutdown + +#CustomLog /var/log/apache2/ssl_request_log "%t %h %{SSL_PROTOCOL}x %{SSL_CIPHER}x \"%r\" %b" |